After two and a half years of development, a significant release of the ProFTPD 1.3.8 FTP server has been published. Its strengths are extensibility and functionality, while its weakness is the periodic discovery of dangerous vulnerabilities. At the same time, the corrective release ProFTPD 1.3.7f is available, which will be the last in the ProFTPD 1.3.7 series.
Main new features of ProFTPD 1.3.8:
- Support has been implemented for the FTP command CSID (Client/Server ID), which can be used to send information identifying the client software to the server and to receive a reply with information identifying the server. For example, a client can send "CSID Name=BSD FTP; Version=7.3" and receive the reply "200 Name=ProFTPD; Version=1.3.8; OS=Ubuntu Linux; OSVer=22.04; CaseSensitive=1; DirSep=/;".
- The SFTP protocol implementation has added support for the "home-directory" extension for expanding ~/ and ~user/ paths. To enable it, use the "SFTPExtensions homeDirectory" directive.
- Added support for the AES-GCM ciphers "aes128-gcm@openssh.com" and "aes256-gcm@openssh.com" to mod_sftp, as well as host key rotation ("SFTPOptions NoHostkeyRotation") using the OpenSSH extensions "hostkeys-00@openssh.com" and "hostkeys-prove-00@openssh.com". Support for enabling AES GCM ciphers has been added to the SFTPCiphers directive.
- Added the "--enable-pcre2" option for building with the PCRE2 library instead of PCRE. The ability to choose the default regular expression engine among PCRE2, POSIX and PCRE has been added to the RegexOptions directive.
- The SFTPHostKeys directive has been added to specify the host key algorithms offered to clients by the mod_sftp module.
- Added the FactsDefault directive to explicitly define the list of "facts" returned in MLSD/MLST FTP responses.
- Added the LDAPConnectTimeout directive to set the timeout for connecting to the LDAP server.
- Added the ListStyle directive, which allows directory listings to be output in Windows style.
- The RedisLogFormatExtra directive has been implemented for adding your own keys and values to the JSON log produced by the RedisLogOnCommand and RedisLogOnEvent directives.
- The MaxLoginAttemptsFromUser parameter has been added to the BanOnEvent directive to block specified combinations of user and IP address.
- TLS support has been added to the RedisSentinel directive for connections to the Redis DBMS. The RedisServer directive now supports the extended AUTH command syntax used since Redis 6.x.
- Added support for ETM (Encrypt-Then-MAC) hashes to the SFTPDigests directive.
- The ReusePort flag has been added to the SocketOptions directive to enable the SO_REUSEPORT socket mode.
- The AllowSymlinkUpload flag has been added to the TransferOptions directive to restore the ability to upload to symbolic links.
- Added support for the "curve448-sha512" key exchange algorithm to the SFTPKeyExchanges directive.
- The ability to substitute additional files into the allow/deny tables has been added to the mod_wrap2 module.
- The default value of the FSCachePolicy parameter has been changed to "off".
- The mod_sftp module has been adapted for use with the OpenSSL 3.x library.
- Support has been added for building with the libidn2 library to use internationalized domain names (IDN).
- In the ftpasswd utility, the default algorithm for generating password hashes is now SHA256 instead of MD5.
Source: opennet.ru
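
The new ftpasswd default applies to hashes generated from now on; entries already stored in a password file keep the scheme they were created with. The following added example (not from the article or the ProFTPD project) lists the users in such a file whose hashes are weaker than SHA-256. It assumes the file uses the passwd(5) layout with crypt(3) `$id$` prefixes; the function names and the sample entries, including salts and digests, are constructed for illustration.

```python
# crypt(3) modular-format ids mapped to scheme names.
SCHEMES = {"1": "md5", "5": "sha256", "6": "sha512"}
WEAK = {"md5", "des", "empty"}


def classify_hash(field: str) -> str:
    """Return the scheme name for the password field of one passwd(5) entry."""
    if field == "":
        return "empty"
    if field.startswith(("!", "*")):
        return "locked"
    if field.startswith("$"):
        parts = field.split("$")
        # A modular hash looks like $id$salt$digest, optionally with parameters.
        if len(parts) >= 4 and parts[1]:
            return SCHEMES.get(parts[1], "other:" + parts[1])
        return "malformed"
    # Traditional DES crypt: 13 characters, no '$' prefix.
    return "des" if len(field) == 13 else "malformed"


def audit(text: str) -> dict:
    """Map each user name to its scheme; skip comments and blank lines."""
    result = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            result[line] = "malformed"
            continue
        result[fields[0]] = classify_hash(fields[1])
    return result


def needs_rehash(text: str) -> list:
    """Users whose stored hash is weaker than the SHA-256 default."""
    return sorted(u for u, s in audit(text).items() if s in WEAK)


# Constructed sample in passwd(5) layout; salts and digests are made up.
SAMPLE = """\
# name:hash:uid:gid:gecos:home:shell
alice:$1$Qx3vT0aa$2mIkz4e5p1bYxUuS0c9Df/:1001:1001::/srv/ftp/alice:/bin/false
bob:$5$rounds=5000$saltsalt$Zq8n1mV0k3hT7wYb2cXr9uLp4eJd6sAfGiHoKtNyPzB:1002:1002::/srv/ftp/bob:/bin/false
carol:abJnggxhB/yWI:1003:1003::/srv/ftp/carol:/bin/false
dave:!:1004:1004::/srv/ftp/dave:/bin/false
"""
```

Calling `needs_rehash()` on the contents of a real password file gives the accounts whose passwords should be reset so that a stronger hash is stored.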
